Cybercriminals have inundated business networks across Southeast Asia (SEA) with a barrage of financial phishing attempts, according to recent findings by Kaspersky anti-phishing technologies.
In 2023 alone, close to half a million attempts to lure users into following phishing links were thwarted by the cybersecurity firm.
Financial phishing, a subset of phishing targeting finance-related matters such as e-commerce, banking, and payment systems, poses a significant threat to businesses in the region. These malicious schemes leverage social engineering tactics to deceive users into divulging sensitive information or unwittingly granting access to their devices.
READ:
Kaspersky assists INTERPOL in disrupting Grandoreiro malware operation
Kaspersky warns mobile security risks on the rise
“The rise of generative AI helps cybercriminals to make phishing messages or scam resources more convincing,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky. “As a result, it becomes challenging for people to distinguish between a scam and a legitimate communication. That’s why the role of robust security solutions increases.”
Throughout 2023, Kaspersky’s solutions intercepted and blocked 455,708 financial phishing attempts targeting businesses of varying sizes across SEA. These activities were spread across multiple communication channels, including emails, fraudulent websites, messengers, and social media platforms.
The Philippines emerged as the hotspot for financial phishing, recording a staggering 163,279 attempts last year. Malaysia followed closely behind with 124,105 incidents, while Indonesia, Vietnam, Thailand, and Singapore faced 97,465, 36,130, 25,227, and 9,502 attacks, respectively.
“Cybercriminals employ various tactics, including financial-related phishing, to deceive employees and trick them into falling victim to an attack,” Yeo said. “Our recent study showed employee security violations can be as damaging as external hacking for companies in Asia Pacific, which means the human factor continues to play a role in making businesses vulnerable.”
As businesses grapple with the persistent threat posed by cybercriminals, experts emphasize the importance of bolstering security measures, employee education, and enhancing the company’s ability to detect and respond to cyber threats effectively.